SUPEE-6482

SUPEE-6482 is a bundle of patches that resolve several security-related issues.

You can find more details on the vulnerabilties address by this patch below:

SSRF Vulnerability in WSDL file - APPSEC-1020

Type:

Remote File Inclusion

CVSSv3 Severity:

5.3 (Medium)

Known Attacks:

None

Description:

Incorrect encoding of API password can lead to probing internal network resources or remote file inclusion.

Product(s) Affected:

Magento CE prior to 1.9.2.1, and Magento EE prior to 1.14.2.1

Fixed In:

CE 1.9.2.1, EE 1.14.2.1

Reporter:

Matthew Barry

Autoloaded File Inclusion in Magento SOAP API - APPSEC-1019

Type:

Remote Code Execution (RCE)

CVSSv3 Severity:

6.5 (Medium)

Known Attacks:

None

Description:

Incorrect validation of a SOAP API request makes it possible to autoload code. The exploit requires the attacker to first log in with API credentials. Depending on the PHP version and/or configuration settings, code can then be loaded from a remote location.

Product(s) Affected:

Magento CE prior to 1.9.2.1, and Magento EE prior to 1.14.2.1

Fixed In:

CE 1.9.2.1, EE 1.14.2.1

Reporter:

Egidio Danilo Romano

For Magento Enterprise Edition Only:

Cross-site Scripting/Cache Poisoning - APPSEC-1030

Type:

Cross-site Scripting (XSS) - Stored / Cache Poisoning

CVSSv3 Severity:

9.3 (Critical)

Known Attacks:

None

Description:

Unvalidated host header leaks into response and page. Because the page can be cached, this leak poses a risk for all store customers because any HTML or JavaScript code can be injected. Such an exploit works only with specific server configurations, and allows an attacker to intercept a session or modify a page with fake credit card forms, etc.

Partners: Go to the Partner Portal, select Technical Resources and then select Download from the Enterprise Edition panel. Next, navigate to Magento Enterprise Edition > Patches & Support and look for the folder titled "Security Patches – July 2015."

Enterprise Edition Merchants: Go to My Account, select the Downloads tab, and then navigate to Magento Enterprise Edition > Support Patches. Look for the folder titled “Security Patches – July 2015.” Merchants can also upgrade to the latest version of the Enterprise Edition and receive the security fixes as part of the core code.

Community Edition Merchants: Patches for earlier versions of Community Edition can be found on the Community Edition download page (look for SUPEE-6285). Merchants can also upgrade today to to the latest version of the Community Edition and receive the security fixes as part of the core code.

Be sure to implement and test the patch in a development environment first to confirm that it works as expected before deploying it to a production site. Information about installing patches for Magento Enterprise Edition and Magento Community Edition is available online.